In September, TwinHeadedEagle helped member Gene F. solve his dllhost spawing problem. I have an issue that appears to be the same persistent problem and possible infection of my system. I initially tried to start a private conversation with TwinHeadedEagle before I noticed his instruction to post issues in the forum rather than contacting him directly. Sorry about that.
My computer is a Dell Latitude E5420 running the 64-bit version of Windows 7 Home Premium with Service Pack 1 installed. I use Norton 360 as primary security and also run SpyBot, Malwarebytes and CCleaner from time to time. The system has been stable and running clear for over a year up until last Friday or so when it started to bog down and well established websites began regularly to go unresponsive. The specific symptoms:
Processor and memory usage at very high levels.
Numerous and respawning dllhost.exe *32 Com Surrogate processes running.
Norton Blocked messages:
System Infected: Trojan.Powelik Activity
Web Attack: Exploit Toolkit Website 33
Trojan.Adclicker Activity
Other error messages:
Norton High Memory Usage by COM Surrogate
Windows message Powershell has stopped working.
In addition, Inrernet Explorer security settings keep switching back to prevent downloads.
I ran a Norton 360 full system scan and nothing was detected.
I ran the Norton 360 registry clean up and some minor issues were resolved.
The problem persisted so I ran SpyBot free edition. It detected and removed some tracking cookies.
The problem persisted so I ran CCleaner. It did not detect any malware or the like, but it did cleanup files and it resolved additional minor registry issues.
The problem persisted so I ran Malwarebytes Anti-Malware free edition. It found a few items and quarantined the problems.
The problem persisted so I ran Norton PowerEraser. I cannot recall if any problems were detected, but it successfully ran to completion.
Norton support tried removing backing out a Windows update that they believed was the problem but the problem reappeared after about an hour.
I used the Norton firewall to prevent dllhost.exe from accessing the Internet, and that seems to have isolated but not fixed the underlying problem.
It appears that I have some deep infection or other problem that the usual tools cannot remove or resolve.
I have run the Farbar Recovery Scan Tool and the frst and addition txt files are attached.
Thanks very much in advance for your assistance with this matter.
Regards,
Analog
My computer is a Dell Latitude E5420 running the 64-bit version of Windows 7 Home Premium with Service Pack 1 installed. I use Norton 360 as primary security and also run SpyBot, Malwarebytes and CCleaner from time to time. The system has been stable and running clear for over a year up until last Friday or so when it started to bog down and well established websites began regularly to go unresponsive. The specific symptoms:
Processor and memory usage at very high levels.
Numerous and respawning dllhost.exe *32 Com Surrogate processes running.
Norton Blocked messages:
System Infected: Trojan.Powelik Activity
Web Attack: Exploit Toolkit Website 33
Trojan.Adclicker Activity
Other error messages:
Norton High Memory Usage by COM Surrogate
Windows message Powershell has stopped working.
In addition, Inrernet Explorer security settings keep switching back to prevent downloads.
I ran a Norton 360 full system scan and nothing was detected.
I ran the Norton 360 registry clean up and some minor issues were resolved.
The problem persisted so I ran SpyBot free edition. It detected and removed some tracking cookies.
The problem persisted so I ran CCleaner. It did not detect any malware or the like, but it did cleanup files and it resolved additional minor registry issues.
The problem persisted so I ran Malwarebytes Anti-Malware free edition. It found a few items and quarantined the problems.
The problem persisted so I ran Norton PowerEraser. I cannot recall if any problems were detected, but it successfully ran to completion.
Norton support tried removing backing out a Windows update that they believed was the problem but the problem reappeared after about an hour.
I used the Norton firewall to prevent dllhost.exe from accessing the Internet, and that seems to have isolated but not fixed the underlying problem.
It appears that I have some deep infection or other problem that the usual tools cannot remove or resolve.
I have run the Farbar Recovery Scan Tool and the frst and addition txt files are attached.
Thanks very much in advance for your assistance with this matter.
Regards,
Analog
Attachments
Last edited: